Questions tagged [aws-lambda]

2 questions
5
votes
3 answers

How to make S3 Presigned url single use only?

Issue: I have a presigned url which is valid for 15 minutes. Upload can be initiated any number of times if the presigned url is captured in this time frame. I want to make an S3 presigned url for upload as secure as possible, so that uploaded file…
5
votes
2 answers

What is the use case of request signing in this mobile app?

The API of a mobile app I was testing is sending the AWS AccessKeyId and SecretKey used for request signing from the AWS Cognito server unencrypted (apart from the regular TLS encryption). Making it possible to re-sign all requests to their AWS…